Announcements
These announcements and hot topic concern Federal Public Key Infrastructure changes that may affect your agency’s operations. Announcements are archived after one year and removed after three years.
| Title | Status | Date | Description |
|---|---|---|---|
| New FPKI Tools Available | Active | May 18, 2021 | Release announcement for the Federal PKI Card Conformance Tool (CCT) and Certificate Profile Conformance Tool (CPCT). |
| Federal Common Policy CA G2 Update |
Active | October 12, 2020 | In October 2020, the Federal Government will establish a new Federal Public Key Infrastructure (FPKI) Root Certification Authority (CA). This new root is named the Federal Common Policy CA G2. This announcement details the CA update timeline and actions agencies need to perform. |
| Upcoming Migration of Federal PKI Certificate Repository Services | Archived | April 1, 2019 | On April 22, 2019, the Federal Public Key Infrastructure Management Authority will migrate the hosting of HyperText Transfer Protocol (HTTP) repository services to a cloud-based solution. This announcement provides additional information related to the upcoming migration. |
| DigiCert CA Decommissioning | Archived | April 1, 2019 | DigiCert Incorporated is planning on decommissioning several certification authorities (CAs) from the Federal PKI. These CAs are no longer active or required, and there is no expected impact from these changes. This announcement provides information related to the CAs affected by this change. |
| Removal of Health CAs from Federal PKI | Archived | March 5, 2019 | Federal PKI teams recently performed two actions to remove fifty-nine (59) certification authorities (CAs) related to health IT use cases from the Federal PKI trust framework. This change is not a distrust action. This announcement provides information related to the CAs affected by this change. |
| Federal Common Policy CA Removal from Apple Trust Stores Impact | Archived | September 13, 2018 | This change will impact government users of Apple iOS, macOS, and tvOS, starting in **September 2018**. This change will cause government users to receive errors when encountering instances of a Federal PKI CA-issued certificate. You can mitigate the impact for government intranets and government-furnished equipment. |
| Chrome Certificate Transparency Requirements | Archived | August 10, 2018 | As of **July 24, 2018**, Google is now enforcing Certificate Transparency (CT) for Chrome 68 and above. This change could affect your agency. This means that all TLS/SSL certificates issued after **April 30, 2018**, that validate to a publicly trusted Root Certification Authority (CA) certificate must appear in a CT log in order to be trusted by Chrome 68 and above. Users browsing to non-CT compliant, federal intranet websites will encounter connection errors. |
| Federal Common Policy CA Removal from Microsoft Trust Store Impact | Archived | May 18, 2018 | This change will cause Windows users to receive errors when encountering instances of a Federal PKI CA-issued certificate. You can mitigate the impact for the government intranets and government-furnished equipment by using configuration management tools for federal devices. |
| Chrome TLS Certificate Lifetime Requirement | Archived | May 10, 2018 | Recent changes to Chrome could affect your agency. Chrome users may receive errors when browsing to government intranet websites and applications. Starting **March 1, 2018**, Chrome requires all TLS/SSL certificates to have a maximum lifetime of 825 days. You can mitigate the impact for government intranets, applications, and government-furnished equipment by using these procedures. |